"Admin is disabled because insecure channel" error Hosting web2py app on Amazon EC2 Linux server
2,487 views
Skip to first unread message
Pawan Gupta
Apr 20, 2014, 2:52:28 PM4/20/14
to web...@googlegroups.com
Hi Everyone
We are having serious problem with our website 911india.com. We have hosted it on Amazon EC2 server and there is a ticket that is issued which redirects us to the admin interface that shows "Admin is disabled because insecure channel"
I tried searching on the website but nothing seems to make sense probably because we are somewhat beginners.
Can someone please help us with what could be done to resolve this.
Cheers
Pawan
Marin Pranjić
Apr 21, 2014, 6:30:05 AM4/21/14
to web...@googlegroups.com
http is insecure. you need to use https to access admin app.
Marin (mobile)
--
Resources:
- http://web2py.com
- http://web2py.com/book (Documentation)
- http://github.com/web2py/web2py (Source code)
- https://code.google.com/p/web2py/issues/list (Report Issues)
---
You received this message because you are subscribed to the Google Groups "web2py-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to web2py+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Martin Lohner
May 5, 2014, 10:21:37 AM5/5/14
to web...@googlegroups.com
Hi...
try this:
request.is_local=True
in
Dne neděle, 20. dubna 2014 20:52:28 UTC+2 Pawan Gupta napsal(a):
web2py\applications\admin\models\access.py (on line 21) resp. before this code:
if request.env.http_x_forwarded_for or request.is_https:
session.secure()
elif not request.is_local and not DEMO_MODE:
raise HTTP(200, T('Admin is disabled because insecure channel'))
ml
Dne neděle, 20. dubna 2014 20:52:28 UTC+2 Pawan Gupta napsal(a):
Dave S
May 5, 2014, 3:54:28 PM5/5/14
to web...@googlegroups.com
This should only be done for testing purposes, right? Because the point of the check of is_local is to prevent unknown users from getting to the admin app.
/dps
/dps
Martin Lohner
May 6, 2014, 4:46:21 AM5/6/14
to web...@googlegroups.com
...yes, yes ...ONLY for testing or for "remote" development...(my case)
Dne pondělí, 5. května 2014 21:54:28 UTC+2 Dave S napsal(a):
..but it is possible (for example) to link to a specific IP address for a long term solution ... .
Yes, but it's not "bullet-proof" solution ...
ml
Dne pondělí, 5. května 2014 21:54:28 UTC+2 Dave S napsal(a):
Massimo Di Pierro
May 6, 2014, 9:17:48 AM5/6/14
to web...@googlegroups.com
yes. you can edit admin/model/access.py and replace this:
f request.env.http_x_forwarded_for or request.is_https:
session.secure()
elif not request.is_local and not DEMO_MODE:
raise HTTP(200, T('Admin is disabled because insecure channel'))
with:
f request.env.http_x_forwarded_for or request.is_https:
session.secure()
elif not request.is_local and not DEMO_MODE and not request.client!='<your IP adress>':
raise HTTP(200, T('Admin is disabled because insecure channel'))
Reply all
Reply to author
Forward
0 new messages